github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2026-01-16 00:17:11 +03:00
Code Issues Packages Projects Releases Wiki Activity

Update CHANGES

Browse Source
This commit is contained in:
brenosilva
2012-06-08 15:29:11 +00:00
parent 33c73a7ef5
commit c0896c3ae6
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
CHANGES
View File

@@ -1,3 +1,10 @@
08 Jun 2012 - 2.6.6
-------------------
* In 2009, Stefan Esser published an evasion technique that relies on the use of single quotes and PHP.
The trick was treating a request parameter as a file. A patch was applied into ModSecurity 2.5.11 by Brian Rectanus.
Ivan Ristic reported that the patch was imcomplete. We added extra checks for this evasion.
20 Mar 2012 - 2.6.5 20 Mar 2012 - 2.6.5
------------------- -------------------